mirror of
https://github.com/LemmyNet/lemmy.git
synced 2024-11-22 20:31:19 +00:00
parent
25e98064b6
commit
9d7009c772
5 changed files with 25 additions and 12 deletions
|
@ -3,7 +3,7 @@ use actix_web::web::Data;
|
||||||
use lemmy_api_common::{
|
use lemmy_api_common::{
|
||||||
context::LemmyContext,
|
context::LemmyContext,
|
||||||
site::{PurgeComment, PurgeItemResponse},
|
site::{PurgeComment, PurgeItemResponse},
|
||||||
utils::{get_local_user_view_from_jwt, is_admin},
|
utils::{get_local_user_view_from_jwt, is_top_admin},
|
||||||
};
|
};
|
||||||
use lemmy_db_schema::{
|
use lemmy_db_schema::{
|
||||||
source::{
|
source::{
|
||||||
|
@ -28,8 +28,8 @@ impl Perform for PurgeComment {
|
||||||
let local_user_view =
|
let local_user_view =
|
||||||
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
|
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
|
||||||
|
|
||||||
// Only let admins purge an item
|
// Only let the top admin purge an item
|
||||||
is_admin(&local_user_view)?;
|
is_top_admin(context.pool(), local_user_view.person.id).await?;
|
||||||
|
|
||||||
let comment_id = data.comment_id;
|
let comment_id = data.comment_id;
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ use lemmy_api_common::{
|
||||||
context::LemmyContext,
|
context::LemmyContext,
|
||||||
request::purge_image_from_pictrs,
|
request::purge_image_from_pictrs,
|
||||||
site::{PurgeCommunity, PurgeItemResponse},
|
site::{PurgeCommunity, PurgeItemResponse},
|
||||||
utils::{get_local_user_view_from_jwt, is_admin, purge_image_posts_for_community},
|
utils::{get_local_user_view_from_jwt, is_top_admin, purge_image_posts_for_community},
|
||||||
};
|
};
|
||||||
use lemmy_db_schema::{
|
use lemmy_db_schema::{
|
||||||
source::{
|
source::{
|
||||||
|
@ -29,8 +29,8 @@ impl Perform for PurgeCommunity {
|
||||||
let local_user_view =
|
let local_user_view =
|
||||||
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
|
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
|
||||||
|
|
||||||
// Only let admins purge an item
|
// Only let the top admin purge an item
|
||||||
is_admin(&local_user_view)?;
|
is_top_admin(context.pool(), local_user_view.person.id).await?;
|
||||||
|
|
||||||
let community_id = data.community_id;
|
let community_id = data.community_id;
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ use lemmy_api_common::{
|
||||||
context::LemmyContext,
|
context::LemmyContext,
|
||||||
request::purge_image_from_pictrs,
|
request::purge_image_from_pictrs,
|
||||||
site::{PurgeItemResponse, PurgePerson},
|
site::{PurgeItemResponse, PurgePerson},
|
||||||
utils::{get_local_user_view_from_jwt, is_admin, purge_image_posts_for_person},
|
utils::{get_local_user_view_from_jwt, is_top_admin, purge_image_posts_for_person},
|
||||||
};
|
};
|
||||||
use lemmy_db_schema::{
|
use lemmy_db_schema::{
|
||||||
source::{
|
source::{
|
||||||
|
@ -29,8 +29,8 @@ impl Perform for PurgePerson {
|
||||||
let local_user_view =
|
let local_user_view =
|
||||||
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
|
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
|
||||||
|
|
||||||
// Only let admins purge an item
|
// Only let the top admin purge an item
|
||||||
is_admin(&local_user_view)?;
|
is_top_admin(context.pool(), local_user_view.person.id).await?;
|
||||||
|
|
||||||
// Read the person to get their images
|
// Read the person to get their images
|
||||||
let person_id = data.person_id;
|
let person_id = data.person_id;
|
||||||
|
|
|
@ -4,7 +4,7 @@ use lemmy_api_common::{
|
||||||
context::LemmyContext,
|
context::LemmyContext,
|
||||||
request::purge_image_from_pictrs,
|
request::purge_image_from_pictrs,
|
||||||
site::{PurgeItemResponse, PurgePost},
|
site::{PurgeItemResponse, PurgePost},
|
||||||
utils::{get_local_user_view_from_jwt, is_admin},
|
utils::{get_local_user_view_from_jwt, is_top_admin},
|
||||||
};
|
};
|
||||||
use lemmy_db_schema::{
|
use lemmy_db_schema::{
|
||||||
source::{
|
source::{
|
||||||
|
@ -29,8 +29,8 @@ impl Perform for PurgePost {
|
||||||
let local_user_view =
|
let local_user_view =
|
||||||
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
|
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
|
||||||
|
|
||||||
// Only let admins purge an item
|
// Only let the top admin purge an item
|
||||||
is_admin(&local_user_view)?;
|
is_top_admin(context.pool(), local_user_view.person.id).await?;
|
||||||
|
|
||||||
let post_id = data.post_id;
|
let post_id = data.post_id;
|
||||||
|
|
||||||
|
|
|
@ -30,6 +30,7 @@ use lemmy_db_views_actor::structs::{
|
||||||
CommunityModeratorView,
|
CommunityModeratorView,
|
||||||
CommunityPersonBanView,
|
CommunityPersonBanView,
|
||||||
CommunityView,
|
CommunityView,
|
||||||
|
PersonViewSafe,
|
||||||
};
|
};
|
||||||
use lemmy_utils::{
|
use lemmy_utils::{
|
||||||
claims::Claims,
|
claims::Claims,
|
||||||
|
@ -60,6 +61,18 @@ pub async fn is_mod_or_admin(
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub async fn is_top_admin(pool: &DbPool, person_id: PersonId) -> Result<(), LemmyError> {
|
||||||
|
let admins = PersonViewSafe::admins(pool).await?;
|
||||||
|
let top_admin = admins
|
||||||
|
.get(0)
|
||||||
|
.ok_or_else(|| LemmyError::from_message("no admins"))?;
|
||||||
|
|
||||||
|
if top_admin.person.id != person_id {
|
||||||
|
return Err(LemmyError::from_message("not_top_admin"));
|
||||||
|
}
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
||||||
pub fn is_admin(local_user_view: &LocalUserView) -> Result<(), LemmyError> {
|
pub fn is_admin(local_user_view: &LocalUserView) -> Result<(), LemmyError> {
|
||||||
if !local_user_view.person.admin {
|
if !local_user_view.person.admin {
|
||||||
return Err(LemmyError::from_message("not_an_admin"));
|
return Err(LemmyError::from_message("not_an_admin"));
|
||||||
|
|
Loading…
Reference in a new issue